JDK Version: 1.7.0_07
Tomcat Version: 7.0.37
Step 1: Generate keystore and self-signed certificate with JDK tool placed in %JAVA_HOME%\bin:
keytool -genkey -alias tomcat -keyalg RSA -keystore /etc/tomcat.keystore -validity 365
This starts a wizard:
1. first question is a password for keystore (e.g. use "123456");
2. next 6 questions about organization (Input anything or skip by pressing Enter. These fields needed if we want to request cert from CA);
3. Note: the last question about password - do not input whatever, just press Enter to use same password as for keystore (this is requirement of Tomcat).
Step 2: Create https connector for Tomcat server:
edit file <APACHE_HOME>\conf\server.xml. Need to uncomment section:
<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
keystoreFile="/etc/tomcat.keystore" keystorePass="123456"
clientAuth="false" sslProtocol="TLS" />
Step 3: Restart Apache server to apply changes.
Step 4: Check that HTTPS is working:
https://localhost:8443